Data Integrity Services is a Sophos Platinum Partner and IT Systems Integration company based in Lakeland, Florida. Our Blog covers topics from business computing security to solutions for the health care industry. We also offer information about managed services, Backup and continuity preparedness and vendor management.

Pages

Monday, June 9, 2014

Gameover, also known as Gameover Zeus, Zeus, or Zbot, has been back in the news with headlines suggesting infected users have a small window of opportunity to remove this malware before the criminal’s botnet is reactivated.

Sophos customers have been protected since Gameover (Zbot) and CryptoLocker first came to light. Our free Sophos Virus Removal Tool can help identify and clean up any infected computers.

The threat

Law enforcement officers have taken down the botnet command and control servers that were behind the notorious Gameover malware. Gameover was used to steal banking credentials, infect victims with the CryptoLocker malware and more.

The servers will undoubtedly get rebuilt — they are too lucrative for the cybercriminals to drop — but in the meantime there is a short window for users to remove existing infections and make sure they are protected in the future.

Sophos Email Protection stops malicious emails (one of the main ways CryptoLocker is distributed) from reaching your end users.

Sophos Web Filtering prevents malware like Gameover and CryptoLocker being downloaded from infected legitimate sites. It also stops the malware connecting back to the cybercriminals, which can prevent the malware delivering its payload (for example stopping it encrypting user data in the case of ransomware).

Sophos UTM secures networks against advanced threats like Gameover with multi-layered protection including antivirus, Intrusion Prevention System (IPS) and UTM 9.2’s new Botnet and Command and Control server detection. Watch a short video on how we do it. Take a free trialtoday.

Tips to stay secure

Here are our top tips to keep your organization secure against Gameover, CryptoLocker and other threats:

1. Make sure you are running up-to-date endpoint security software and that it is enabled.

2. Ensure your computer is up to date and fully patched. Not just your operating system, but your web browser and third party applications like Java too.

3. A lot of malicious code is distributed via links in emails or social media messages, so don’t click on suspicious links or attachments in email, even better use email filtering.

4. Use web filtering to prevent you browsing to websites infected with malicious code – 80% of infected websites are legitimate sites that have been compromised.

5. If you’re worried you aren’t secure, or think you may be infected, run a scan with a tool like the Sophos Free Virus Removal tool which will detect and remove any nasty code like Gameover.

6. Keep regular backups of your important files and if you can, store them offline, where they can’t be affected in the event of an attack on your active files.

7. Protect yourself on the network as well as the endpoint. Some malware, such as CryptoLocker, requires a network connection. Network security can pick up the attempt to access the command and control server and block it. The malware will still be on your system, but it won’t enable the nasty payload that encrypts all your information. Network security also helps you cover systems where the endpoint security is not installed (such as that printer running Windows XP you might have).

Threat deep-dive

SophosLabs, our global network of threat researchers, are experts in these types of malware. We have a number of free resources if you’d like to learn more:

Friday, January 10, 2014

Phishing is a psychological attack used by cyber criminals
to trick you into giving up information or taking an action.This term has evolved from an email attack
that would steal your password to almost any message based attack.

These attacks begin with a cyber criminal sending a message
pretending to be from someone or something you know, such as a friend, your
bank or a well-known store.

These messages then entice you into taking an action.Click on the link, open an infected attachment
or respond to a scam.These messages are
sent to millions of email addresses, with the hopes of a few falling prey to
the scam.

These criminal also use social media and instant messaging
to troll for unsuspecting victims.

What should you do?

·Check for a valid email address. If you don’t
know the sender, delete the email.

·Be suspicious of emails addressed to “Dear
Customer” or some other generic salutation.

·Be suspicious of grammar or spelling mistakes.

·Be suspicious of any email that requires “immediate
action” or creates some sort of urgency.

·Be very careful of links and only click on those
that you are expecting.

·Be suspicious of attachments.

·Be suspicious of messages that sound too good to
be true

·Just because you got an email from a friend doesn’t
mean they sent it.Their computer or
smart phone could be infected.

If you are concerned about the security of your technology,
give us a call.

My next blog will attempt to explain what can happen once
you fall victim to an online scam.

Data Integrity strongly recommends that a health care covered entity implements encryption, data protection and other safe guards to meet the new Omnibus regulations. Willful neglect can be extremely costly. Solutions are not that expensive and can be easily implemented. Sam